- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
Holds code block patterns information. More...
#include <intro_types.h>
Data Structures | |
| struct | _INTRO_CODE_BLOCK |
| Array of actual code block patterns. More... | |
Data Fields | |
| BOOLEAN | Valid |
| Set to True if the information in the structure is valid, False otherwise. More... | |
| QWORD | StartAddress |
| The guest linear address from which the code blocks were extracted. More... | |
| QWORD | Rip |
| The value of the guest RIP at the moment of the alert. More... | |
| DWORD | RipCbIndex |
| Index in the CodeBlocks array for the pattern extracted for the instruction at Rip. More... | |
| DWORD | Count |
| The number of available entries in the CodeBlocks array. More... | |
| struct _INTRO_CODEBLOCKS::_INTRO_CODE_BLOCK | CodeBlocks [ALERT_MAX_CODEBLOCKS] |
Holds code block patterns information.
This is used by the exception mechanism as a signature for the code that generated an alert. These are extracted from the memory area around the instruction that generated an alert. Since certain operations that fill the fields in this structure may fail, the Valid field should be checked before using any information present in the structure.
Definition at line 1041 of file intro_types.h.
| struct _INTRO_CODEBLOCKS::_INTRO_CODE_BLOCK _INTRO_CODEBLOCKS::CodeBlocks[ALERT_MAX_CODEBLOCKS] |
| DWORD _INTRO_CODEBLOCKS::Count |
The number of available entries in the CodeBlocks array.
Definition at line 1048 of file intro_types.h.
| QWORD _INTRO_CODEBLOCKS::Rip |
The value of the guest RIP at the moment of the alert.
Definition at line 1046 of file intro_types.h.
| DWORD _INTRO_CODEBLOCKS::RipCbIndex |
Index in the CodeBlocks array for the pattern extracted for the instruction at Rip.
Definition at line 1047 of file intro_types.h.
| QWORD _INTRO_CODEBLOCKS::StartAddress |
The guest linear address from which the code blocks were extracted.
Definition at line 1045 of file intro_types.h.
| BOOLEAN _INTRO_CODEBLOCKS::Valid |
Set to True if the information in the structure is valid, False otherwise.
Definition at line 1043 of file intro_types.h.
Referenced by IntWinCrashHandleDepViolation().
1.8.13